The Missing Piece for AI-Assisted Infrastructure Management

Source: Dev.to

The Real Problem: Coordination Across Heterogeneous Infrastructure

If you have a single server, infrastructure management is straightforward: SSH in, run commands, done.

Real infrastructure—even a homelab—is rarely a single server. It’s a collection of machines with different purposes, different access patterns, and different failure modes. Deploying a new service might touch five different systems. Troubleshooting a problem means correlating logs and metrics across multiple hosts.

This is where AI assistance could genuinely help. Not by being smarter than me at any individual task, but by handling the coordination overhead. The AI can:

1. SSH into the reverse proxy, check the config.
2. Hop over to the app server, verify the deployment.
3. Query the database to confirm the migration ran.
4. Report back—all while I describe what I’m trying to accomplish in plain English.

Current AI‑infrastructure integrations are either too locked down to be useful, or they require you to paste credentials into places that make security folks nervous. I wanted something different: tell Claude “deploy the new version to production” and have it actually coordinate across my systems without ever seeing a single IP address, password, or private key.

That’s not paranoia. It’s good architecture.

The Solution: SSH MCP Bridge

MCP (Model Context Protocol) is how modern AI assistants like Claude, ChatGPT, and VS Code Copilot connect to external tools. Instead of copy‑pasting command outputs back and forth, you expose tools that the AI can call directly. The ecosystem is still young, but it’s maturing fast.

SSH MCP Bridge is an MCP server that sits between your AI assistant and your infrastructure:

AI Assistant (Claude / ChatGPT / VS Code)
           │
           ▼
    SSH MCP Bridge
           │
           ▼
Your Servers (web, db, cache, …)

What the AI sees

• A list of friendly server names (web-server, database, redis-cache).
• Descriptions of what each server does.
• Tools to execute commands and manage sessions.

What the AI never sees

• IP addresses.
• SSH private keys.
• Passwords.
• Network topology.

This isn’t just about security (though that’s the main point). It also makes the AI’s job easier. Instead of reasoning about 192.168.1.47, it thinks about “the production database server”—exactly how we think about infrastructure.

Two Ways to Deploy

I designed this for two different use cases, because my needs vary.

What You Can Actually Do With This

Troubleshooting

“Check disk usage and memory on all servers, and tell me if anything looks concerning.”

The AI queries each host, aggregates the results, and gives you a concise summary—no more opening four terminal tabs.

Deployments

“Pull the latest code on the app server, run migrations on the database, restart the application, and verify it’s responding.”

One sentence coordinates multiple servers in the correct order.

Configuration Changes

“Add a new upstream server to the nginx config and reload.”

The AI reads the current config, makes the edit, validates it, and applies it.

Investigation

“Show me the last 50 lines of the application log, and check if there are any related errors in the nginx access log.”

Cross‑referencing logs across servers becomes conversational.

Key insight: the AI maintains context across multiple commands and multiple servers. It remembers what it just checked, notices patterns, and can reason about the overall state of your system.

Session Management

SSH connections are relatively expensive to establish. You don’t want to open a new connection for every command.

The bridge maintains a session pool:

• Once a connection to a host is established, it stays open and gets reused.
• Sessions automatically close after a configurable idle timeout.
• Pool size and timeout are tunable via the bridge’s configuration file.

Getting Started

1. Clone the repository

   git clone https://github.com/yourname/ssh-mcp-bridge.git
   cd ssh-mcp-bridge

2. Configure your servers (config.yaml)

   servers:
     - name: web-server
       host: web.example.com
       user: ubuntu
       identity_file: ~/.ssh/id_rsa_web
       description: "Production web application"
     - name: database
       host: db.example.com
       user: postgres
       identity_file: ~/.ssh/id_rsa_db
       description: "PostgreSQL primary"

3. Run in STDIO mode (local)

   ./ssh-mcp-bridge --mode stdio

4. Run in HTTP mode (remote)

   ./ssh-mcp-bridge --mode http --listen 0.0.0.0:8080 --auth api-key

5. Connect your AI assistant

   Follow the instructions in docs/ai-integration.md for Claude, ChatGPT, or VS Code.

Contributing

• Fork the repo and open a PR.
• Follow the code style defined in .editorconfig.
• Add unit tests for any new functionality.

License

MIT © 2024 Your Name

SSH MCP Bridge lets you keep the keys and IPs to yourself while still getting the productivity boost of AI‑driven orchestration. Give it a try, and let me know what you build!

Overview

The SSH MCP Bridge lets Claude (or any MCP‑compatible AI) run commands on remote SSH hosts via the MCP protocol. It abstracts away the SSH details, exposing a simple HTTP or MCP endpoint that the AI can call.

• Modes –

  • Shell mode – persistent shell channel; working directory & environment persist between commands.
  • Exec mode – stateless, isolated commands; each command runs in its own session.

• Session handling – idle timeout defaults to 30 minutes. A cap on concurrent sessions per host prevents resource exhaustion.

Security Considerations

Infrastructure access is serious, so the bridge is built around defense‑in‑depth.

Credential Isolation

• The bridge stores SSH credentials; clients never see them.

Command‑Level Control

1. OS‑level restriction – The SSH username you configure determines what the remote OS allows (e.g., a non‑root user cannot run privileged commands).
2. Bridge‑level allow/deny lists –
   • Deny list – block patterns such as rm -rf or sudo.
   • Allow list – restrict execution to a specific whitelist of commands.
   • The AI can only run commands you have explicitly permitted.

Authentication

• HTTP mode supports:
  • API keys – simple setups.
  • OAuth 2.0 / OIDC – enterprise‑grade (Auth0, Azure AD, Okta, Keycloak, etc.).

Audit Logging

• Every command is logged with: timestamp, user identity (JWT in OAuth mode), target host, and result.
• Enables “who did what, when” for compliance or incident investigations.

Container Security

• Docker image runs as a non‑root user.
• Mount config and SSH keys as read‑only volumes.
• Apply resource limits (CPU, memory).

Network Isolation

• Deploy behind a TLS‑terminating reverse proxy.
• Restrict access via firewall rules or VPN.

Do NOT expose the bridge directly to the public internet with only API‑key auth.

Getting Started

1. Clone & Set Up the Python Environment

git clone https://github.com/shashikanth-gs/mcp-ssh-bridge.git
cd ssh-mcp-bridge
python -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt

2. Create a Configuration File (config.yaml)

server:
  enable_stdio: true
  log_level: "INFO"

hosts:
  - name: my-server
    description: "Development server"
    host: "your-server.com"
    username: "your-user"
    private_key_path: "~/.ssh/id_rsa"
    execution_mode: "shell"   # or "exec"

session:
  idle_timeout: 30   # minutes

3. Add the Bridge to Claude Desktop (or any MCP client)

{
  "mcpServers": {
    "ssh-bridge": {
      "command": "/path/to/venv/bin/python",
      "args": ["-m", "ssh_mcp_bridge", "/path/to/config.yaml"]
    }
  }
}

Restart Claude Desktop and ask it to list your SSH hosts. If everything is correct, the server will appear in the UI.

4. (Optional) Docker Deployment

A docker-compose.yml example is provided in the repository for those who prefer containerized runs.

Why Open Source This?

• Personal need – I built it to manage my own infrastructure with AI assistance.
• Ecosystem gap – Most MCP examples are simple file readers or web scrapers; infrastructure management is harder but offers high leverage.
• Community feedback – I’m looking for contributions and ideas.

Planned Features (PRs welcome)

• SCP/SFTP file transfers
• Bastion (jump‑host) support
• MCP resources for exposing server state

Wrapping Up

AI‑assisted infrastructure management is arriving whether we’re ready or not. The key is to do it securely and auditable.

SSH MCP Bridge is my attempt at that balance. It may not fit every use‑case, but if you need a way for AI to help manage servers without compromising security, give it a try.

• Repository:
• Docker images: on Docker Hub (see repo README)

Questions, feedback, or war stories about AI and infrastructure? I’d love to hear them.